ProBoards.com now an httpS: site, bolloxed our images FIXED Feb 18, 2020 13:22:12 GMT -8
Post by GooRoo on Feb 18, 2020 13:22:12 GMT -8
Redirecting to HTTPS
When this change goes live, we will automatically redirect forums from http to https. For example, this support forum will change from http://support.proboards.com to https://support.proboards.com.
Mixing HTTPS & HTTP Content
In order for your web browser to identify a website as "secure" at the top, everything that loads from that website must be loaded securely over https. When visiting a secure webpage, if that webpage loads an image or other content from a webpage that is http (not https), this is not considered secure. Therefore, browsers may display a warning message such as this one from Chrome:
Across ProBoards, users have posted literally millions of pictures, many of which load from insecure websites. These pictures might be in posts, avatars, or even forum logos. When you load your forum, we want the browser to say that it is fully secure. How can we do that when users have included images from insecure websites in their posts?
Forcing all Content to HTTPS
Thankfully, there is a simple solution which modern browsers support. Websites have a special way to tell browsers that all content should load over https, even if the webpage has images or other content that are http. This results in a secure connection for all content.
But, there is a catch.
When you load a secure webpage, and the browser is told to load all content securely, what happens to hotlinked content on websites that don't allow https? The content will fail to load. This browser feature exists to ensure webpage content stays 100% secure.
- Your forum is support.proboards.com
- You hotlink an image from example.com/logo.jpg
- Let's pretend that example.com does not allow https connections
- The image will fail to load
Content that loads from ProBoards servers will work without issue.
Is there a test forum that is live where I can see HTTPS in action on ProBoards?
Yes, in fact this Support Forum is set to SSL mode right now. All pages load over HTTPS! If you experience any problems with this forum, please let us know.
How can I test if there will be any problems on my forum?
Most forums should not experience any issues. For the average forum, we recommend checking:
- If you have a forum logo, verify that the URL works over https
- If your profile avatar is hotlinked from a third party website, check to make sure the link works over https
To check if a URL works over https, change "http://" to "https://" and load the URL in your browser. If it loads, then there is no problem. If it does not load, then you will want to upload that content to a different website that does support https, and update the URL on your forum.
What about Custom Domains?
We will be supporting HTTPS for all custom domains. However, to do so requires that we obtain a security certificate for every custom domain, which means we incur additional costs. Due to this, the price for custom domains is changing to $19.99/year.
I want to note that we do not make a profit on our custom domain service. In fact, we lose money by offering this service, even at this increased rate.
If you already paid for your custom domain at the old rate, you will still get SSL on your domain with no additional charge. The new rate will only apply once you go to renew your domain with us in the future.
When is this change going into effect?
We do not have an exact date, but we anticipate that we will go live in the next week or two. Custom domains may go live on a different date than non-custom domain forums. Stay tuned for future announcements.
Does this affect links to other websites?
HTTPS is coming to all ProBoards forums. You probably won't have any issues with this change. If you load content (such as images) from third party websites on your forum, you may want to check to make sure they work over HTTPS using the above instructions.